SecurityWeek reports that Siemens has confirmed ongoing efforts with Microsoft to remediate a Microsoft Defender Antivirus issue impacting Simatic PCS 7 and PCS Neo process control systems.With Microsoft Defender Antivirus not offering an "Alert only" function, configuring it to "ignore" prevents any action or alert generation, while usage of another setting could prompt deletion or quarantining of potentially malicious files, which are either true or false positives, that could result in subsequent system disruptions, according to Siemens. "The result could be that affected devices will not work anymore, which can lead to loss of monitoring and control of the plant," said Siemens. Organizations leveraging Siemens Simatic PCS have been urged to perform risk assessments to identify their need for alerts regarding malware compromise or potential service disruptions stemming from file removal, as well as implement different configurations to separate clusters of affected devices while waiting for the fix.
Patch/Configuration Management, Endpoint/Device Security
Siemens: Fixes for Microsoft Defender Antivirus issue in Simatic PCS underway

(Adobe Stock)
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



